summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
Diffstat (limited to 'makefu')
-rw-r--r--makefu/0tests/data/secrets/auth.nix (renamed from makefu/6tests/data/secrets/auth.nix)0
-rw-r--r--makefu/0tests/data/secrets/bepasty-secret.nix (renamed from makefu/6tests/data/secrets/bepasty-secret.nix)0
-rw-r--r--makefu/0tests/data/secrets/bgt_cyberwar_hidden_service/hostname (renamed from makefu/6tests/data/secrets/bgt_cyberwar_hidden_service/hostname)0
-rw-r--r--makefu/0tests/data/secrets/daemon-pw (renamed from makefu/6tests/data/secrets/daemon-pw)0
-rw-r--r--makefu/0tests/data/secrets/dl.euer.krebsco.de-auth.nix (renamed from makefu/6tests/data/secrets/dl.euer.krebsco.de-auth.nix)0
-rw-r--r--makefu/0tests/data/secrets/extra-hosts.nix (renamed from makefu/6tests/data/secrets/extra-hosts.nix)0
-rw-r--r--makefu/0tests/data/secrets/grafana_security.nix (renamed from makefu/6tests/data/secrets/grafana_security.nix)0
-rw-r--r--makefu/0tests/data/secrets/hashedPasswords.nix (renamed from makefu/6tests/data/secrets/hashedPasswords.nix)0
-rw-r--r--makefu/0tests/data/secrets/iodinepw.nix (renamed from makefu/6tests/data/secrets/iodinepw.nix)0
-rw-r--r--makefu/0tests/data/secrets/kibana-auth.nix (renamed from makefu/6tests/data/secrets/kibana-auth.nix)0
-rw-r--r--makefu/0tests/data/secrets/nsupdate-data.nix (renamed from makefu/6tests/data/secrets/nsupdate-data.nix)0
-rw-r--r--makefu/0tests/data/secrets/nsupdate-search.nix (renamed from makefu/6tests/data/secrets/nsupdate-search.nix)0
-rw-r--r--makefu/0tests/data/secrets/retiolum-ci.rsa_key.priv (renamed from makefu/6tests/data/secrets/retiolum-ci.rsa_key.priv)0
-rw-r--r--makefu/0tests/data/secrets/retiolum.rsa_key.priv (renamed from makefu/6tests/data/secrets/retiolum.rsa_key.priv)0
-rw-r--r--makefu/0tests/data/secrets/retiolum.rsa_key.pub (renamed from makefu/6tests/data/secrets/retiolum.rsa_key.pub)0
-rw-r--r--makefu/0tests/data/secrets/sambacred (renamed from makefu/6tests/data/secrets/sambacred)0
-rw-r--r--makefu/0tests/data/secrets/shackspace-gitlab-ci-token.nix (renamed from makefu/6tests/data/secrets/shackspace-gitlab-ci-token.nix)0
-rw-r--r--makefu/0tests/data/secrets/ssh.id_ed25519 (renamed from makefu/6tests/data/secrets/ssh.id_ed25519)0
-rw-r--r--makefu/0tests/data/secrets/ssh.makefu.id_rsa (renamed from makefu/6tests/data/secrets/ssh.makefu.id_rsa)0
-rw-r--r--makefu/0tests/data/secrets/ssh.makefu.id_rsa.pub (renamed from makefu/6tests/data/secrets/ssh.makefu.id_rsa.pub)0
-rw-r--r--makefu/0tests/data/secrets/ssh_host_ed25519_key (renamed from makefu/6tests/data/secrets/ssh_host_ed25519_key)0
-rw-r--r--makefu/0tests/data/secrets/ssh_host_rsa_key (renamed from makefu/6tests/data/secrets/ssh_host_rsa_key)0
-rw-r--r--makefu/0tests/data/secrets/tinc.krebsco.de.crt (renamed from makefu/6tests/data/secrets/tinc.krebsco.de.crt)0
-rw-r--r--makefu/0tests/data/secrets/tinc.krebsco.de.key (renamed from makefu/6tests/data/secrets/tinc.krebsco.de.key)0
-rw-r--r--makefu/0tests/data/secrets/tw-pass.ini (renamed from makefu/6tests/data/secrets/tw-pass.ini)0
-rw-r--r--makefu/0tests/data/secrets/wildcard.krebsco.de.crt (renamed from makefu/6tests/data/secrets/wildcard.krebsco.de.crt)0
-rw-r--r--makefu/0tests/data/secrets/wildcard.krebsco.de.key (renamed from makefu/6tests/data/secrets/wildcard.krebsco.de.key)0
-rw-r--r--makefu/1systems/gum/config.nix5
-rw-r--r--makefu/1systems/gum/source.nix1
-rw-r--r--makefu/1systems/omo/config.nix5
-rw-r--r--makefu/1systems/omo/source.nix1
-rw-r--r--makefu/1systems/wbob/config.nix9
-rw-r--r--makefu/1systems/x/config.nix57
-rw-r--r--makefu/2configs/bluetooth-mpd.nix17
-rw-r--r--makefu/2configs/git/cgit-retiolum.nix1
-rw-r--r--makefu/2configs/gui/automatic-diskmount.nix44
-rw-r--r--makefu/2configs/hw/bluetooth.nix39
-rw-r--r--makefu/2configs/hw/irtoy.nix15
-rw-r--r--makefu/2configs/hw/network-manager.nix3
-rw-r--r--makefu/2configs/hw/rad1o.nix (renamed from makefu/2configs/rad1o.nix)0
-rw-r--r--makefu/2configs/hydra/stockholm.nix1
-rw-r--r--makefu/2configs/main-laptop.nix1
-rw-r--r--makefu/2configs/nginx/euer.mon.nix26
-rw-r--r--makefu/2configs/nginx/misa-felix-hochzeit.ml.nix17
-rw-r--r--makefu/2configs/remote-build/master.nix14
-rw-r--r--makefu/2configs/stats/arafetch.nix19
-rw-r--r--makefu/2configs/tools/all.nix1
-rw-r--r--makefu/2configs/tools/core-gui.nix4
-rw-r--r--makefu/2configs/tools/core.nix9
-rw-r--r--makefu/2configs/tools/desktop.nix11
-rw-r--r--makefu/2configs/urlwatch/default.nix1
-rw-r--r--makefu/5pkgs/ampel/default.nix6
-rw-r--r--makefu/5pkgs/awesomecfg/full.cfg3
-rw-r--r--makefu/5pkgs/devpi/default.nix13
-rw-r--r--makefu/5pkgs/elchhub/default.nix4
-rw-r--r--makefu/5pkgs/python-firetv/default.nix2
-rw-r--r--makefu/source.nix59
57 files changed, 262 insertions, 126 deletions
diff --git a/makefu/6tests/data/secrets/auth.nix b/makefu/0tests/data/secrets/auth.nix
index 92d5c34a8..92d5c34a8 100644
--- a/makefu/6tests/data/secrets/auth.nix
+++ b/makefu/0tests/data/secrets/auth.nix
diff --git a/makefu/6tests/data/secrets/bepasty-secret.nix b/makefu/0tests/data/secrets/bepasty-secret.nix
index f5e704702..f5e704702 100644
--- a/makefu/6tests/data/secrets/bepasty-secret.nix
+++ b/makefu/0tests/data/secrets/bepasty-secret.nix
diff --git a/makefu/6tests/data/secrets/bgt_cyberwar_hidden_service/hostname b/makefu/0tests/data/secrets/bgt_cyberwar_hidden_service/hostname
index 2ae3807f1..2ae3807f1 100644
--- a/makefu/6tests/data/secrets/bgt_cyberwar_hidden_service/hostname
+++ b/makefu/0tests/data/secrets/bgt_cyberwar_hidden_service/hostname
diff --git a/makefu/6tests/data/secrets/daemon-pw b/makefu/0tests/data/secrets/daemon-pw
index e16c76dff..e16c76dff 100644
--- a/makefu/6tests/data/secrets/daemon-pw
+++ b/makefu/0tests/data/secrets/daemon-pw
diff --git a/makefu/6tests/data/secrets/dl.euer.krebsco.de-auth.nix b/makefu/0tests/data/secrets/dl.euer.krebsco.de-auth.nix
index 0967ef424..0967ef424 100644
--- a/makefu/6tests/data/secrets/dl.euer.krebsco.de-auth.nix
+++ b/makefu/0tests/data/secrets/dl.euer.krebsco.de-auth.nix
diff --git a/makefu/6tests/data/secrets/extra-hosts.nix b/makefu/0tests/data/secrets/extra-hosts.nix
index e16c76dff..e16c76dff 100644
--- a/makefu/6tests/data/secrets/extra-hosts.nix
+++ b/makefu/0tests/data/secrets/extra-hosts.nix
diff --git a/makefu/6tests/data/secrets/grafana_security.nix b/makefu/0tests/data/secrets/grafana_security.nix
index f9096b7cf..f9096b7cf 100644
--- a/makefu/6tests/data/secrets/grafana_security.nix
+++ b/makefu/0tests/data/secrets/grafana_security.nix
diff --git a/makefu/6tests/data/secrets/hashedPasswords.nix b/makefu/0tests/data/secrets/hashedPasswords.nix
index 0967ef424..0967ef424 100644
--- a/makefu/6tests/data/secrets/hashedPasswords.nix
+++ b/makefu/0tests/data/secrets/hashedPasswords.nix
diff --git a/makefu/6tests/data/secrets/iodinepw.nix b/makefu/0tests/data/secrets/iodinepw.nix
index f5e704702..f5e704702 100644
--- a/makefu/6tests/data/secrets/iodinepw.nix
+++ b/makefu/0tests/data/secrets/iodinepw.nix
diff --git a/makefu/6tests/data/secrets/kibana-auth.nix b/makefu/0tests/data/secrets/kibana-auth.nix
index 80e8f44c1..80e8f44c1 100644
--- a/makefu/6tests/data/secrets/kibana-auth.nix
+++ b/makefu/0tests/data/secrets/kibana-auth.nix
diff --git a/makefu/6tests/data/secrets/nsupdate-data.nix b/makefu/0tests/data/secrets/nsupdate-data.nix
index e76c0e87e..e76c0e87e 100644
--- a/makefu/6tests/data/secrets/nsupdate-data.nix
+++ b/makefu/0tests/data/secrets/nsupdate-data.nix
diff --git a/makefu/6tests/data/secrets/nsupdate-search.nix b/makefu/0tests/data/secrets/nsupdate-search.nix
index a9646aeb7..a9646aeb7 100644
--- a/makefu/6tests/data/secrets/nsupdate-search.nix
+++ b/makefu/0tests/data/secrets/nsupdate-search.nix
diff --git a/makefu/6tests/data/secrets/retiolum-ci.rsa_key.priv b/makefu/0tests/data/secrets/retiolum-ci.rsa_key.priv
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/retiolum-ci.rsa_key.priv
+++ b/makefu/0tests/data/secrets/retiolum-ci.rsa_key.priv
diff --git a/makefu/6tests/data/secrets/retiolum.rsa_key.priv b/makefu/0tests/data/secrets/retiolum.rsa_key.priv
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/retiolum.rsa_key.priv
+++ b/makefu/0tests/data/secrets/retiolum.rsa_key.priv
diff --git a/makefu/6tests/data/secrets/retiolum.rsa_key.pub b/makefu/0tests/data/secrets/retiolum.rsa_key.pub
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/retiolum.rsa_key.pub
+++ b/makefu/0tests/data/secrets/retiolum.rsa_key.pub
diff --git a/makefu/6tests/data/secrets/sambacred b/makefu/0tests/data/secrets/sambacred
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/sambacred
+++ b/makefu/0tests/data/secrets/sambacred
diff --git a/makefu/6tests/data/secrets/shackspace-gitlab-ci-token.nix b/makefu/0tests/data/secrets/shackspace-gitlab-ci-token.nix
index 963e6db8b..963e6db8b 100644
--- a/makefu/6tests/data/secrets/shackspace-gitlab-ci-token.nix
+++ b/makefu/0tests/data/secrets/shackspace-gitlab-ci-token.nix
diff --git a/makefu/6tests/data/secrets/ssh.id_ed25519 b/makefu/0tests/data/secrets/ssh.id_ed25519
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/ssh.id_ed25519
+++ b/makefu/0tests/data/secrets/ssh.id_ed25519
diff --git a/makefu/6tests/data/secrets/ssh.makefu.id_rsa b/makefu/0tests/data/secrets/ssh.makefu.id_rsa
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/ssh.makefu.id_rsa
+++ b/makefu/0tests/data/secrets/ssh.makefu.id_rsa
diff --git a/makefu/6tests/data/secrets/ssh.makefu.id_rsa.pub b/makefu/0tests/data/secrets/ssh.makefu.id_rsa.pub
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/ssh.makefu.id_rsa.pub
+++ b/makefu/0tests/data/secrets/ssh.makefu.id_rsa.pub
diff --git a/makefu/6tests/data/secrets/ssh_host_ed25519_key b/makefu/0tests/data/secrets/ssh_host_ed25519_key
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/ssh_host_ed25519_key
+++ b/makefu/0tests/data/secrets/ssh_host_ed25519_key
diff --git a/makefu/6tests/data/secrets/ssh_host_rsa_key b/makefu/0tests/data/secrets/ssh_host_rsa_key
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/ssh_host_rsa_key
+++ b/makefu/0tests/data/secrets/ssh_host_rsa_key
diff --git a/makefu/6tests/data/secrets/tinc.krebsco.de.crt b/makefu/0tests/data/secrets/tinc.krebsco.de.crt
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/tinc.krebsco.de.crt
+++ b/makefu/0tests/data/secrets/tinc.krebsco.de.crt
diff --git a/makefu/6tests/data/secrets/tinc.krebsco.de.key b/makefu/0tests/data/secrets/tinc.krebsco.de.key
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/tinc.krebsco.de.key
+++ b/makefu/0tests/data/secrets/tinc.krebsco.de.key
diff --git a/makefu/6tests/data/secrets/tw-pass.ini b/makefu/0tests/data/secrets/tw-pass.ini
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/tw-pass.ini
+++ b/makefu/0tests/data/secrets/tw-pass.ini
diff --git a/makefu/6tests/data/secrets/wildcard.krebsco.de.crt b/makefu/0tests/data/secrets/wildcard.krebsco.de.crt
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/wildcard.krebsco.de.crt
+++ b/makefu/0tests/data/secrets/wildcard.krebsco.de.crt
diff --git a/makefu/6tests/data/secrets/wildcard.krebsco.de.key b/makefu/0tests/data/secrets/wildcard.krebsco.de.key
index e69de29bb..e69de29bb 100644
--- a/makefu/6tests/data/secrets/wildcard.krebsco.de.key
+++ b/makefu/0tests/data/secrets/wildcard.krebsco.de.key
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 40fa233d3..9b6d9d571 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -62,10 +62,13 @@ in {
## Web
<stockholm/makefu/2configs/nginx/share-download.nix>
<stockholm/makefu/2configs/nginx/euer.test.nix>
+ <stockholm/makefu/2configs/nginx/euer.mon.nix>
<stockholm/makefu/2configs/nginx/euer.wiki.nix>
<stockholm/makefu/2configs/nginx/euer.blog.nix>
+ # <stockholm/makefu/2configs/nginx/gum.krebsco.de.nix>
<stockholm/makefu/2configs/nginx/public_html.nix>
<stockholm/makefu/2configs/nginx/update.connector.one.nix>
+ <stockholm/makefu/2configs/nginx/misa-felix-hochzeit.ml.nix>
<stockholm/makefu/2configs/deployment/photostore.krebsco.de.nix>
<stockholm/makefu/2configs/deployment/graphs.nix>
@@ -222,6 +225,8 @@ in {
25
# http
80 443
+ # httptunnel
+ 8080 8443
# tinc
655
# tinc-shack
diff --git a/makefu/1systems/gum/source.nix b/makefu/1systems/gum/source.nix
index b3ce743ca..e3ca472e4 100644
--- a/makefu/1systems/gum/source.nix
+++ b/makefu/1systems/gum/source.nix
@@ -1,4 +1,5 @@
import <stockholm/makefu/source.nix> {
name="gum";
torrent = true;
+ clever_kexec = true;
}
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index bed6ae9fd..a85d5f5ce 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -50,6 +50,7 @@ in {
<stockholm/makefu/2configs/smart-monitor.nix>
<stockholm/makefu/2configs/mail-client.nix>
<stockholm/makefu/2configs/mosh.nix>
+ <stockholm/makefu/2configs/tools/mobility.nix>
# <stockholm/makefu/2configs/disable_v6.nix>
#<stockholm/makefu/2configs/graphite-standalone.nix>
#<stockholm/makefu/2configs/share-user-sftp.nix>
@@ -85,7 +86,7 @@ in {
<stockholm/makefu/2configs/sshd-totp.nix>
# <stockholm/makefu/2configs/logging/central-logging-client.nix>
- # <stockholm/makefu/2configs/torrent.nix>
+ <stockholm/makefu/2configs/torrent.nix>
# <stockholm/makefu/2configs/elchos/search.nix>
# <stockholm/makefu/2configs/elchos/log.nix>
@@ -100,7 +101,7 @@ in {
makefu.full-populate = true;
makefu.server.primary-itf = primaryInterface;
krebs.rtorrent = {
- downloadDir = lib.mkForce "/media/crypt0/torrent";
+ downloadDir = lib.mkForce "/media/cryptX/torrent";
extraConfig = ''
upload_rate = 200
'';
diff --git a/makefu/1systems/omo/source.nix b/makefu/1systems/omo/source.nix
index 94fd9cbe6..da0d87aad 100644
--- a/makefu/1systems/omo/source.nix
+++ b/makefu/1systems/omo/source.nix
@@ -1,3 +1,4 @@
import <stockholm/makefu/source.nix> {
name="omo";
+ torrent = true;
}
diff --git a/makefu/1systems/wbob/config.nix b/makefu/1systems/wbob/config.nix
index cfbcf0e9c..df317a016 100644
--- a/makefu/1systems/wbob/config.nix
+++ b/makefu/1systems/wbob/config.nix
@@ -29,10 +29,13 @@ in {
# <stockholm/makefu/2configs/vncserver.nix>
# Services
- <stockholm/makefu/2configs/hydra/stockholm.nix>
+ # <stockholm/makefu/2configs/hydra/stockholm.nix>
<stockholm/makefu/2configs/share/wbob.nix>
<stockholm/makefu/2configs/bluetooth-mpd.nix>
+ {
+ users.users.makefu.extraGroups = [ "pulse" ];
+ }
# Sensors
<stockholm/makefu/2configs/stats/telegraf>
@@ -49,9 +52,10 @@ in {
db = "collectd_db";
logging-interface = "enp0s25";
in {
+ networking.firewall.allowedTCPPorts = [ 3000 ];
+
services.grafana.enable = true;
services.grafana.addr = "0.0.0.0";
-
services.influxdb.enable = true;
services.influxdb.extraConfig = {
meta.hostname = config.krebs.build.host.name;
@@ -121,6 +125,7 @@ in {
networking.firewall.allowedTCPPorts = [
655
8081 #smokeping
+ 8086 #influx
49152
];
networking.firewall.trustedInterfaces = [ "enp0s25" ];
diff --git a/makefu/1systems/x/config.nix b/makefu/1systems/x/config.nix
index f72f2a15b..451689f91 100644
--- a/makefu/1systems/x/config.nix
+++ b/makefu/1systems/x/config.nix
@@ -19,6 +19,7 @@ with import <stockholm/lib>;
# Debugging
# <stockholm/makefu/2configs/disable_v6.nix>
+ # <stockholm/makefu/2configs/pyload.nix>
# Testing
# <stockholm/makefu/2configs/deployment/gitlab.nix>
@@ -67,7 +68,9 @@ with import <stockholm/lib>;
# <stockholm/makefu/2configs/hw/rtl8812au.nix>
<stockholm/makefu/2configs/hw/network-manager.nix>
<stockholm/makefu/2configs/hw/stk1160.nix>
- # <stockholm/makefu/2configs/rad1o.nix>
+ <stockholm/makefu/2configs/hw/irtoy.nix>
+ <stockholm/makefu/2configs/hw/bluetooth.nix>
+ # <stockholm/makefu/2configs/hw/rad1o.nix>
# Filesystem
<stockholm/makefu/2configs/fs/sda-crypto-root-home.nix>
@@ -103,53 +106,9 @@ with import <stockholm/lib>;
];
};
}
- { # bluetooth+pulse config
- # for blueman-applet
- users.users.makefu.packages = [
- pkgs.blueman
- ];
- hardware.pulseaudio = {
- enable = true;
- package = pkgs.pulseaudioFull;
- # systemWide = true;
- support32Bit = true;
- configFile = pkgs.writeText "default.pa" ''
- load-module module-udev-detect
- load-module module-bluetooth-policy
- load-module module-bluetooth-discover
- load-module module-native-protocol-unix
- load-module module-always-sink
- load-module module-console-kit
- load-module module-systemd-login
- load-module module-intended-roles
- load-module module-position-event-sounds
- load-module module-filter-heuristics
- load-module module-filter-apply
- load-module module-switch-on-connect
- load-module module-switch-on-port-available
- '';
- };
-
- # presumably a2dp Sink
- # Enable profile:
- ## pacmd set-card-profile "$(pactl list cards short | egrep -o bluez_card[[:alnum:]._]+)" a2dp_sink
- hardware.bluetooth.extraConfig = '';
- [general]
- Enable=Source,Sink,Media,Socket
- '';
-
- # connect via https://nixos.wiki/wiki/Bluetooth#Using_Bluetooth_headsets_with_PulseAudio
- hardware.bluetooth.enable = true;
- }
- { # auto-mounting
- services.udisks2.enable = true;
- services.devmon.enable = true;
- # services.gnome3.gvfs.enable = true;
- users.users.makefu.packages = with pkgs;[
- gvfs pcmanfm lxmenu-data
- ];
- environment.variables.GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ];
- }
+ # {
+ # services.zerotierone.enable = true;
+ # }
];
@@ -170,11 +129,11 @@ with import <stockholm/lib>;
networking.extraHosts = ''
192.168.1.11 omo.local
+ 80.92.65.53 www.wifionice.de wifionice.de
'';
# hard dependency because otherwise the device will not be unlocked
boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
- nix.package = pkgs.nixUnstable;
environment.systemPackages = [ pkgs.passwdqc-utils pkgs.nixUnstable ];
nixpkgs.overlays = [ (import <python/overlay.nix>) ];
diff --git a/makefu/2configs/bluetooth-mpd.nix b/makefu/2configs/bluetooth-mpd.nix
index 226f5cf1f..b59d3ce10 100644
--- a/makefu/2configs/bluetooth-mpd.nix
+++ b/makefu/2configs/bluetooth-mpd.nix
@@ -34,7 +34,7 @@ in {
hardware.